#!/usr/bin/env python# -*- coding: iso-8859-1# Note that PyPy contains also a built-in module 'sha' which will hide# this one if compiled in."""A sample implementation of SHA-1 in pure Python. Framework adapted from Dinu Gherman's MD5 implementation by J. Hallén and L. Creighton. SHA-1 implementation based directly on the text of the NIST standard FIPS PUB 180-1."""__date__='2004-11-17'__version__=0.91# Modernised by J. Hallén and L. Creighton for Pypyimportstruct,copy# ======================================================================# Bit-Manipulation helpers## _long2bytes() was contributed by Barry Warsaw# and is reused here with tiny modifications.# ======================================================================def_long2bytesBigEndian(n,blocksize=0):"""Convert a long integer to a byte string. If optional blocksize is given and greater than zero, pad the front of the byte string with binary zeros so that the length is a multiple of blocksize. """# After much testing, this algorithm was deemed to be the fastest.s=''pack=struct.packwhilen>0:s=pack('>I',n&0xffffffffL)+sn=n>>32# Strip off leading zeros.foriinrange(len(s)):ifs[i]<>'\000':breakelse:# Only happens when n == 0.s='\000'i=0s=s[i:]# Add back some pad bytes. This could be done more efficiently# w.r.t. the de-padding being done above, but sigh...ifblocksize>0andlen(s)%blocksize:s=(blocksize-len(s)%blocksize)*'\000'+sreturnsdef_bytelist2longBigEndian(list):"Transform a list of characters into a list of longs."imax=len(list)/4hl=[0L]*imaxj=0i=0whilei<imax:b0=long(ord(list[j]))<<24b1=long(ord(list[j+1]))<<16b2=long(ord(list[j+2]))<<8b3=long(ord(list[j+3]))hl[i]=b0|b1|b2|b3i=i+1j=j+4returnhldef_rotateLeft(x,n):"Rotate x (32 bit) left n bits circularly."return(x<<n)|(x>>(32-n))# ======================================================================# The SHA transformation functions## ======================================================================deff0_19(B,C,D):return(B&C)|((~B)&D)deff20_39(B,C,D):returnB^C^Ddeff40_59(B,C,D):return(B&C)|(B&D)|(C&D)deff60_79(B,C,D):returnB^C^Df=[f0_19,f20_39,f40_59,f60_79]# Constants to be usedK=[0x5A827999L,# ( 0 <= t <= 19)0x6ED9EBA1L,# (20 <= t <= 39)0x8F1BBCDCL,# (40 <= t <= 59)0xCA62C1D6L# (60 <= t <= 79)]classsha:"An implementation of the MD5 hash function in pure Python."digest_size=digestsize=20block_size=1def__init__(self):"Initialisation."# Initial message length in bits(!).self.length=0Lself.count=[0,0]# Initial empty message as a sequence of bytes (8 bit characters).self.input=[]# Call a separate init function, that can be used repeatedly# to start from scratch on the same object.self.init()definit(self):"Initialize the message-digest and set all fields to zero."self.length=0Lself.input=[]# Initial 160 bit message digest (5 times 32 bit).self.H0=0x67452301Lself.H1=0xEFCDAB89Lself.H2=0x98BADCFELself.H3=0x10325476Lself.H4=0xC3D2E1F0Ldef_transform(self,W):fortinrange(16,80):W.append(_rotateLeft(W[t-3]^W[t-8]^W[t-14]^W[t-16],1)&0xffffffffL)A=self.H0B=self.H1C=self.H2D=self.H3E=self.H4""" This loop was unrolled to gain about 10% in speed for t in range(0, 80): TEMP = _rotateLeft(A, 5) + f[t/20] + E + W[t] + K[t/20] E = D D = C C = _rotateLeft(B, 30) & 0xffffffffL B = A A = TEMP & 0xffffffffL """fortinrange(0,20):TEMP=_rotateLeft(A,5)+((B&C)|((~B)&D))+E+W[t]+K[0]E=DD=CC=_rotateLeft(B,30)&0xffffffffLB=AA=TEMP&0xffffffffLfortinrange(20,40):TEMP=_rotateLeft(A,5)+(B^C^D)+E+W[t]+K[1]E=DD=CC=_rotateLeft(B,30)&0xffffffffLB=AA=TEMP&0xffffffffLfortinrange(40,60):TEMP=_rotateLeft(A,5)+((B&C)|(B&D)|(C&D))+E+W[t]+K[2]E=DD=CC=_rotateLeft(B,30)&0xffffffffLB=AA=TEMP&0xffffffffLfortinrange(60,80):TEMP=_rotateLeft(A,5)+(B^C^D)+E+W[t]+K[3]E=DD=CC=_rotateLeft(B,30)&0xffffffffLB=AA=TEMP&0xffffffffLself.H0=(self.H0+A)&0xffffffffLself.H1=(self.H1+B)&0xffffffffLself.H2=(self.H2+C)&0xffffffffLself.H3=(self.H3+D)&0xffffffffLself.H4=(self.H4+E)&0xffffffffL# Down from here all methods follow the Python Standard Library# API of the sha module.defupdate(self,inBuf):"""Add to the current message. Update the md5 object with the string arg. Repeated calls are equivalent to a single call with the concatenation of all the arguments, i.e. m.update(a); m.update(b) is equivalent to m.update(a+b). The hash is immediately calculated for all full blocks. The final calculation is made in digest(). It will calculate 1-2 blocks, depending on how much padding we have to add. This allows us to keep an intermediate value for the hash, so that we only need to make minimal recalculation if we call update() to add more data to the hashed string. """leninBuf=long(len(inBuf))# Compute number of bytes mod 64.index=(self.count[1]>>3)&0x3FL# Update number of bits.self.count[1]=self.count[1]+(leninBuf<<3)ifself.count[1]<(leninBuf<<3):self.count[0]=self.count[0]+1self.count[0]=self.count[0]+(leninBuf>>29)partLen=64-indexifleninBuf>=partLen:self.input[index:]=list(inBuf[:partLen])self._transform(_bytelist2longBigEndian(self.input))i=partLenwhilei+63<leninBuf:self._transform(_bytelist2longBigEndian(list(inBuf[i:i+64])))i=i+64else:self.input=list(inBuf[i:leninBuf])else:i=0self.input=self.input+list(inBuf)defdigest(self):"""Terminate the message-digest computation and return digest. Return the digest of the strings passed to the update() method so far. This is a 16-byte string which may contain non-ASCII characters, including null bytes. """H0=self.H0H1=self.H1H2=self.H2H3=self.H3H4=self.H4input=[]+self.inputcount=[]+self.countindex=(self.count[1]>>3)&0x3fLifindex<56:padLen=56-indexelse:padLen=120-indexpadding=['\200']+['\000']*63self.update(padding[:padLen])# Append length (before padding).bits=_bytelist2longBigEndian(self.input[:56])+countself._transform(bits)# Store state in digest.digest=_long2bytesBigEndian(self.H0,4)+ \
_long2bytesBigEndian(self.H1,4)+ \
_long2bytesBigEndian(self.H2,4)+ \
_long2bytesBigEndian(self.H3,4)+ \
_long2bytesBigEndian(self.H4,4)self.H0=H0self.H1=H1self.H2=H2self.H3=H3self.H4=H4self.input=inputself.count=countreturndigestdefhexdigest(self):"""Terminate and return digest in HEX form. Like digest() except the digest is returned as a string of length 32, containing only hexadecimal digits. This may be used to exchange the value safely in email or other non- binary environments. """return''.join(['%02x'%ord(c)forcinself.digest()])defcopy(self):"""Return a clone object. Return a copy ('clone') of the md5 object. This can be used to efficiently compute the digests of strings that share a common initial substring. """returncopy.deepcopy(self)# ======================================================================# Mimic Python top-level functions from standard library API# for consistency with the _sha module of the standard library.# ======================================================================# These are mandatory variables in the module. They have constant values# in the SHA standard.digest_size=20digestsize=20blocksize=1defnew(arg=None):"""Return a new sha crypto object. If arg is present, the method call update(arg) is made. """crypto=sha()ifarg:crypto.update(arg)returncrypto